GT500

Emsisoft Employee
  • Content Count

    12628
  • Joined

  • Days Won

    380

Everything posted by GT500

  1. OK, I have sent the link to your logs to our developers, and I'll let you know if they need any more information.
  2. You're quite welcome. Please let me know if you have any further issues.
  3. Do you have exclusions in set up in your ESET software for Online Armor's files?
  4. Our developers have taken a look at the logs, and it looks like you are using the same license key on more than one computer, however this license key is only for one computer (which is what is causing the issue). If the license key you purchased was supposed to be for more than one computer, then please send me a private message with your order information (or at least with the license key) and I will look into what might be going on. Note: Please do not post your license information in a public area of the forums.
  5. Could we get some debug logs for our developers to look at? Here are some instructions: Please open Online Armor, go to Options in the menu on the left, click the little check box to enable debug mode, restart your computer, and then try reproducing your problem with the tray icon not changing when Online Armor is disabled. After that, please ZIP your entire logs folder (normally C:\Program Files\Online Armor\Logs), upload it to a website such as RapidShare/DepositFiles/BayFiles/etc (which one you use is up to you), and then copy and paste the link to download the file into a reply (or you can send it to me in a Private Message if you don't want the link posted publicly on the forums). Note that, if you don't have a utility such as 7-Zip, WinZip, or WinRar that you can ZIP files and folders by right-clicking on them, going to Send To, and clicking on Compressed (zipped) Folder.
  6. Yes, however that answer is a bit misleading. If the kind of game that you are talking about is a 3D game from a major developer/publisher, then I don't expect worms to be spreading though them. When it comes to games that you play by visiting a website (Facebook games for instance) then it is possible to get infections from such things (especially if they are not from reputable companies), however most worms spread though other means. While worms spreading though online games may become an issue in the future, it is not really an issue at the moment, and since there are certain issues with making it work I don't expect to see it in the near future. The reason I said 'yes' is because there are worms that can spread without you doing anything. If they find a computer that can be exploited, then they will exploit it. This can happen when you are chatting with someone in an online game, even if that game is safe and there is not way that someone you are chatting with in the game can exploit it to send you something malicious, because it is not related to the game, and thus I say that my 'yes' answer is somewhat misleading, since without explanation it makes it sound like worms spread through online games. Worms like this are usually quickly nullified by patches from Microsoft and updates for your security software, plus good behavior blockers and HIPS/firewalls can usually prevent them from spreading before the updates that prevent them come out.
  7. I don't recall them giving me an explanation, however they were not concerned by it (if it was a problem then they would have let me know).
  8. OK, go ahead and run OTL again, and attach the new OTL log to a reply for me. Also, please let me know if your computer is still having any issues.
  9. First, please allow me to apologize for the slow response time. I am not certain why I didn't see your post before now. Yes, you can remove those proxy settings at any time. With those proxy settings, Emsisoft Anti-Malware will only be able to download updates while Fiddler is running, so it is best to remove them for Emsisoft Anti-Malware to run its updates normally.
  10. OK, let me know if that makes any difference.
  11. You're quite welcome. Please let us know if you have any further issues.
  12. This can be triggered by certain applications that perform certain actions which cause our Behavior Blocker to check them too frequently, thus driving up the CPU usage. If this is what is happening, then DebugView can tell us what process is causing it. Here are instructions for running DebugView: Download DebugView from this link: When downloading, make sure to save it on your Desktop instead of clicking 'Run' or 'Open'. Right-click on the 'DebugView' file that you just saved on your Desktop, and select "Extract All". Before running DebugView, you will need to add a process exclusion to Emsisoft Anti-Malware to prevent crashing issues. Here are the instructions: Please go ahead and open Emsisoft Anti-Malware from the icon on the desktop. click on Guard in the menu on the left. Go to the File Guard tab. Click on the Manage whitelist link on the left, just above 'Alerts'. On the left, under where it says Type, click on where it says File and change it to Process. Click in the white space to the right of where you just changed 'File' to 'Process', under where it says Item, and a little button with three dots on it will appear to the right. Click on the button with the three dots. Navigate to the folder where DebugView is saved (this should be on your desktop), select the Dbgview file, and click the Open button in the lower-right. Click OK at the bottom to save the settings, and then close Emsisoft Anti-Malware. Open the new DebugView folder that was created on your Desktop after extracting. Windows XP and 2000 users should double-click on the file named 'Dbgview'. Windows 7 and Vista users should right-click and select "Run as Administrator". Click on the 'Capture' menu, and select everything except "Log Boot" (you will have to open the menu again after clicking to select an item). We'll only need a few seconds of logging while the CPU usage is high, so after verifying that the CPU usage is high then click on the 'File' menu and select select to save the log (it is easiest to save it on your desktop, as this makes it easy to find). Please attach that log file to a reply so that we may analyze it for errors. You will need to use the More Reply Options button to the lower-right of where you type in your reply in order to access the attachment controls. Note: You may need to ZIP the log file in order to attach it. If you do not have a program such as 7-Zip, WinZip, WinRar, etc. then you can right-click on the log file, go to Send to, and click on Compressed (zipped) folder. You will be able to attach the ZIP archive to a reply.
  13. Please try following the instructions at this link to start your computer in Safe Mode, and then try to run OTL with the script again. That should eliminate any possibility of other software interfering with OTL while it runs the fixes in the script.
  14. Have you checked in Online Armor to make sure that the rule was created? In the Program rules you will need to uncheck the option to hide trusted programs, and the list should be in alphabetical order.
  15. I have written a cleanup script for OTL (if you need to, you may download OTL from this link). Please download the following OTL_Script file, and save it on your desktop. After saving it, open it, run OTL, and copy and paste the contents of the OTL_Script file into the Custom Scans/Fixes box at the bottom of the OTL window: Then click the Run Fix button at the top. Let the program run unhindered, restart your computer when it is done (it may automatically restart your computer on its own). After your computer has restarted, please proceed with the instructions below for AdwCleaner and Junkware Removal Tool. Please download AdwCleaner and save it on your desktop. Close all open programs and internet browsers (you may want to print our or write down these instructions first). Double click on adwcleaner.exe to run the tool. Click on Delete. Confirm each time with Ok. You will be prompted to restart your computer. A text file will open n Notepad after the restart (this is the log of what was removed), which you can save on your desktop. Please attach that log file to a reply by clicking the More Reply Options button to the lower-right of where you type in your reply. If you lose that log file for any reason, you can find it at C:\AdwCleaner[s1] on your computer. Please download Junkware Removal Tool and save it on your desktop. Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts. Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator. The tool will open and start scanning your system. Please be patient as this can take a while to complete depending on your system's specifications. On completion, a log is saved to your desktop and will automatically open. Please attach the JRT log file to a reply by clicking the More Reply Options button to the lower-right of where you type in your reply. Once you have run both of those tools, go ahead and run OTL again, and click the Run Scan button to get me a fresh OTL log, and attach that to a reply the same way you attached the other logs.
  16. I don't notice any major slowdown issues in my 64-bit testing environments. Does the same slowdown issue happen if you right-click on the Malwarebytes' Anti-Malware icon in the System Tray and uncheck the "Start with Windows" option?
  17. I have forwarded your logs on to our developers. Actually, we can't download those logs. It says "Download permission denied by uploader. (0b67c2f5)"
  18. May I ask what happens if you try to launch the Guard manually? You can do this through the Start menu, by going to All Programs, going to Emsisoft Anti-Malware, and then selecting the Emsisoft Anti-Malware Guard.
  19. After merging your two topics together, the forums are no longer allowing me access to download your attachments. If you still have the logs, could you please attach them to a reply again by using the More Reply Options button to the lower-right of where you type in your reply?
  20. It shouldn't be possible to exploit your computer or personally identify you with the SID number, so it is safe to post of the forums.
  21. You're quite welcome. Please let me know if you have any further issues.
  22. These look like legitimate GoogleUpdate.exe files, so I don't think there's anything to worry about here.
  23. A traditional anti-virus is still recommended, simply because it would help reduce the risk by supplementing with signature based detection. You are correct that any behavior that could be exhibited by a malicious software should be picked up by Mamutu, and as long as you answer the prompts correctly it will block any malicious process from performing those action.
  24. Your license should be fixed now. Also, if you ever have trouble receiving e-mails from our helpdesk, then you can log in at this link and check your tickets to see if there has been a reply.